package cn.ljy.authority.config.security.user;


import org.springframework.security.authentication.dao.DaoAuthenticationProvider;

/**
 * 专门用于验证验证码
 * 在密码校验前执行
 */
public class MyAuthenticationProvider extends DaoAuthenticationProvider {

  /*  @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
        // 获取前端传递过来的验证码
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        String code = request.getParameter("code");
        // 获取session中保存的验证码
        String vf = (String)request.getSession().getAttribute("vf");
        if (code == null || vf == null || !code.equals(vf)) {
            throw new AuthenticationServiceException("验证码错误");
        }
        //如果验证通过，则进入到下一步校验密码
        super.additionalAuthenticationChecks(userDetails, authentication);
    }*/
}